tomcat-dev mailing list archives

Amy Roh wrote:
> What's the background for StandardEngine returning JAAS realm by default
> when its realm is null?
>
> Thanks,
> Amy
Speaking of auth: how difficult would it be to change the user management
part in /admin to use a different model.
Instead of one mbean per user - which is extremely inefficient and can't
scale - it would be one mbean for the entire realm. It can have a method
to return the list of user names, and one to return attributes for
an individual user. Or something like that.
I didn't do any research in this area - if there are any reasonable user
management APIs in use.
IMO JAAS should be recomended for authentication, and we should also try to
get JAAS LoginModules to be manageable and register an mbean. That would
be very usefull for other reasons - monitoring, caching and also consistent
configuration ( i.e. people would configure the mbean, and not have to edit
login.config options ).
Costin
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org